Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) …
Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys
A ViewState code injection attack spotted by Microsoft threat researchers in December 2024 could be easily replicated by other attackers, the company warned. “In the …
Ghidra 11.3 released: New features, performance improvements, bug fixes
NSA’s Research Directorate released version 11.3 of Ghidra, an open-source software reverse engineering (SRE) framework. It offers advanced analysis tools, enabling users to …
Infosec pros struggle under growing compliance
The implementation of new regulatory measures that impact the UK, EU, and beyond are driving organizations to enhance vigilance in addressing evolving cybersecurity and …
Overconfident execs are making their companies vulnerable to fraud
Cyber fraud (which includes activity such as hacking, deepfakes, voice cloning and highly sophisticated phishing schemes) rose by 14% year over year, according to Trustpair. …
New infosec products of the week: February 7, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Dynatrace, Nymi, Qualys, SafeBreach, and Satori. Qualys TotalAppSec enables …
Ransomware payments plummet as more victims refuse to pay
Chainalysis’ latest report on how the ransomware landscape changed from 2023 to 2024 shows a promising trend: An increasing number of victims refuses to pay the ransom. …
Suspected NATO, UN, US Army hacker arrested in Spain
The Spanish National Police has arrested a hacker suspected of having breached national and international agencies (including the United Nation’s International Civil Aviation …
The overlooked risks of poor data hygiene in AI-driven organizations
In this Help Net Security interview, Oliver Friedrichs, CEO at Pangea, discusses why strong data hygiene is more important than ever as companies integrate AI into their …
Enterprises invest heavily in AI-powered solutions
AI is driving significant changes in attack sources, with 88% of enterprises observing an increase in AI-powered bot attacks in the last two years, according to Arkose Labs. …
How to customize Safari for private browsing on iOS
Apple’s Safari browser includes several features aimed at enhancing privacy while browsing the web. Two of the most notable privacy features are Intelligent Tracking …
Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)
XE Group, a cybercriminal outfit that has been active for over a decade, has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181, CVE-2024-57968) in VeraCore …